Reality of working in Cybersecurity: SOC Analyst (MSSP)

Views: 22,208

MyDFIR

A day ago

The reality of working in a security operations center as a cyber security analyst in a managed security service provider. Embarking on a journey as a cybersecurity analyst within a Managed Security Service Provider unveils the true essence of working in a Security Operations Center. This dynamic environment presents both challenges and rewards, making it an exceptional starting point to gain invaluable hands-on experience in the cybersecurity realm.
🕒 TIMELINE
00:00 - Intro
00:28 - Teammates
01:18 - Pay / Salary
01:49 - Shifts
03:31 - Stress
06:17 - Managers & Clients
Disclaimer: All opinions in my videos are solely my own. Some links provided are affiliate links!

Comments: 91
@emilyau8023 9 months ago
After researching this career thoroughly I decided to not go into the cyber route, but I appreciate youtubers like yourself who are telling the truth and not just glamorizing it.
@MyDFIR 9 months ago
Anytime! I should note that the SOC is not the only route into cybersecurity as it is quite a large field. But I am sure you have learned that from your research. Good luck in your endeavours!
@bagabrielor 8 months ago
@@MyDFIR Is it realistic to get a career in cybersecurity without IT undergraduate degree etc., or individual certificates/courses/self studies (and experience) would be enough? Thank you.
@emilyau8023 6 months ago
@@bagabrielor there's probably a person who has done it by working in IT for years and started as help desk. It's not ideal if you want to get noticed as soon as possible.
@hiphopsecops a month ago
@@bagabrielor Yes
@riyan6217 8 months ago
00:04 Teammates in a SOC can have a significant impact on shift performance
01:12 Working as a tier one cyber security SOC analyst may not initially pay as much as you expect, but it provides valuable experience.
02:19 Working in a cybersecurity SOC involves working in shifts that have pros and cons.
03:23 Working as a SOC Analyst in an MSSP environment can be highly stressful due to workload and lack of process.
04:35 High priority tickets in cybersecurity can be stressful due to client interaction and fear of mistakes.
05:41 Working in a SOC environment can be stressful but rewarding
06:48 Clients often have unrealistic expectations from SOC analysts and may not understand the limitations.
08:00 Working in a SOC environment can be stressful, but it offers great networking opportunities and potential for career growth.
@PacketWatchDog 5 months ago
Yeah the SOC pay went way down with the flood of 1-3 year Security experienced people over last 3-4 years.
@bradrickrobinson7452 7 months ago
Thanks for the heads up without the sugar coating.
@callmebigpapa 10 months ago
Great video! The SOC is great in that you see new types of issues all the time. Your teammates and previous cases/tickets are invaluable. The stress is real; however, for the queue floods, viewed properly, these are an opportunity to tune, tune, tune. One valuable insight you will have as an Analyst 1 is that you will be able to see with fresh eyes where process and procedures are not current for the environment. Use this to build your personal brand within your company. One important aspect to this is to always come to management with a solution(s) to the problem you are pointing out. This channel is a great resource for those starting out!
@MyDFIR 10 months ago
Thanks! Absolutely, one thing I miss about working at an MSSP is experiencing new issues ALL THE TIME. You really do learn so much and touch a bunch of tools. I like to call it a “boot camp” at times because that is how it feels like in most environments.
@ShadowKenneth96 6 months ago
Awesome video man. This reminds me a lot of my time in a NOC. I worked in the NOC for one of the major US ISPs as a Tier 1 tech for about 2 years before I became a Network Engineer for an adjacent team as a fix agent that I used to engage for outages/impairment problems. The initial investigation, event triaging and escalating notifications are something that's a major part of that NOC job and seems to have a decent translation to your overall experience in the SOC. Great stuff man.
@MyDFIR 6 months ago
Thanks! Hopefully I did not give you terrible flashbacks 😂 - alerts…so many alerts!!
@DubThaDetailer 10 months ago
Another gem of a video from you, man. I really appreciate this.
@MyDFIR 10 months ago
Thank you! Appreciate the support
@Henoik 2 months ago
I work as an incident coordinator in an in-house CERT. This is indeed a stressful and at times unforgiving job. I think many people will get overwhelmed and start focusing on just closing alerts rather than correctly triaging and escalating them. It is okay to take a breather, and then go back looking at the alerts with a fresh set of eyes - because even worse than a bunch of open alerts, are closing true positives without escalation or containment. However, for us, it's also very important that the SOC don't escalate false positives, as that in turn gives us much more to do.
@MyDFIR 2 months ago
Absolutely! Thanks for sharing ❤️
@yahebedyah4416 10 months ago
All these things are part of life. Like you said, it’s all about your mindset. More work, to me, makes the time go by faster, and it’s a blessing in disguise imo. Take advantage of that experience and control what you can. Remember, life is always about continuous growth; your goal should always be in front of you. All these situations are temporary.
@MyDFIR 10 months ago
Absolutely! Take advantage and “be a sponge” as they say. 100% agree with you, all these situations are temporary.
@deadmanstoolbox 4 months ago
Thanks I have become a husk of a person
@ronaldtimm467 9 months ago
Extremely useful information. Thank you so much.
@MyDFIR 9 months ago
Glad it was helpful!
@albanleung331 10 months ago
very informative. Thank you.
@MyDFIR 10 months ago
Glad it was helpful!
@bigdaddyrazor 26 days ago
As an L2 SOC Analyst myself I couldn’t agree more on the topic; these are my exact thoughts that I have had since I started as an L1 Analyst. Kind of unfortunate to see that this is the norm even abroad 😂😂
@MyDFIR 21 days ago
Haha yeah… After being in a couple SOCs, they pretty much are universal. Just different tools
@omkarnanche9792 10 months ago
I totally agree with your views, according to me I feel the cons outweigh the pros :D
@MyDFIR 10 months ago
😂 At the end of the day, a SOC although hectic provides valuable skills ESPECIALLY if you are at an MSSP.
@Nurr0 5 months ago
Thanks for the honest info, this made me fairly sure I DON'T want to work in an SOC tbh, but it could be great for others.
@MyDFIR 5 months ago
Glad it was helpful! I wanted to be transparent as possible. Do keep in mind that not all SOCs are the same, some are great.
@ayindeperouza7703 10 months ago
Well said I had that experience working as a Tier 2 Technician
@MyDFIR 10 months ago
Thanks for watching!
@TetelestaiAdonai 2 months ago
Thanks again Brother, for posting these videos. May you continue to post informative, realistic and down to earth videos. You are definitely underrated. I have been in the WGU cyber bach program and started to dig deeper into this career and what is the reality of it. More cons than pros in my opinion. From short staff, to alert fatigue, high stress rate, on calls, etc. I do say the world of IT is interesting. When I learn about these things I do experience a sense of being a smarty pants (hidden knowledge that others are clueless to) in myself. IT is vast and interesting, which I like. I do plan to stay in IT, leaning towards Coding (CSS HTML), since that's what I started working on when I had an interest in tech as a self learner before college. For everyone reading this, don't make the mistake in being infatuated with the fun and cool things you like too much but also consider the hard and boring things, it does make a difference in your life. Choose wisely.
@MyDFIR 2 months ago
Thanks for the kind and wise words! I absolutely agree and try to make it a point where you gotta love what you’re doing to survive in this industry otherwise good luck!
@rejwar a month ago
carry on bro
@evemackenzie6138 10 months ago
huh, sounds like something exactly for me heh. Hope i get the chance to become a SOC analyst in the future. Really want to experience what you've listed
@MyDFIR 10 months ago
You’ll get there! I see your initiatives and your drive.
@evemackenzie6138 10 months ago
@@MyDFIR Thanks! I'll try my best to be helpful to everyone!
@faisalkhan5410 10 months ago
Great video ❣
@MyDFIR 10 months ago
Thank you!!
@Charliejam. 9 months ago
Great Video🔥
@MyDFIR 9 months ago
Thanks!
@stevesploit 9 months ago
Would CySA+ be beneficial to have working in a SOC? I already have Sec+ & PenTest+ & PenTest THM, and I’m thinking because there is lots of crossover of topics between the 3 certs it wouldn’t take much to knock off CySA+ 🤷‍♂️ I’m doing Blue Team Level1 next as well. Great channel. Thank you 👌
@MyDFIR 9 months ago
Great question - Beneficial? IMO, good to have but not needed - You are correct that there is a lot of crossover, however I would suggest not “chasing” certificates for the sake of obtaining certificates. Instead I would recommend you spend your energy and time into hands on labs and network with others. Attend conferences, webinars & CTFs - I am confident you already have the knowledge to excel in this field, just need to start showing others that you are capable and networking should help you with that. Great job on enrolling into Blue Team Level One btw - Provides you with that hands on experience that is definitely needed in this field. Good luck with your studies & thanks for your support!
@stevesploit 9 months ago
@@MyDFIR Thank you, much appreciated.
@user-ft2rs6vu7d 10 months ago
😢 Great video! Not so many blue teamers talk about it. If you were to choose between a job at MSSP or a company that has their own SOC which one would you choose?
@MyDFIR 10 months ago
That is a great question! My views are this: what do you value more, time or experience? Time = In-house SOC - you are limited to detecting & responding to attack vectors targeting your single organization. Once you fine tune you will be in a good spot which will give you TIME to breathe. Experience = MSSP - you detect & respond to many different attack vectors. Everybody is attacking everybody and you get to see all that and you’re not limited to 1 single organization but that means you will likely have 0 time to breathe but you’ll gain valuable EXPERIENCE.
@user-ft2rs6vu7d 10 months ago
@@MyDFIR Thank you! Yes, I have no doubt that working for MSSP you can learn much more than working at in-house SOC..
@Gxnnelle 9 months ago
@@MyDFIR I hate working at an MSSP, it moves so fast, no time to breathe and no time to thoroughly learn anything😔
@tigerscott2966 10 months ago
Good video... Some people just work better alone... Being part of a team can be a drain if your team mates are slackers or don't have soft skills like time management and dealing with prickly clients.... Thanks.
@MyDFIR 10 months ago
Agreed! It is nice to have teammates to bounce ideas off of but I definitely work best alone.
@seetsamolapo5600 10 months ago
Not sure if you've made a video on this as I've just subscribed, but what certifications pathway would you recommend for getting that entry level job? I'm about to check your video on the projects below.
@MyDFIR 10 months ago
Hey! There is no “correct” pathway per se, but a lot of organizations tend to love Security+ so it won’t hurt to go after that. I would then go for either BTLO or CCD (CyberDefenders) as they both provide topics that focus on analysis. The trajectory is pointing towards automating out the Tier 1/junior SOC position where it will reduce the work they typically do, so you will need to start focusing on “deep-dive” investigations, typically what a Tier 2 would do. In order to focus on that, work on labs, learn what data sources are and which ones are more “useful”, and understand how the Operating System works.
@MustafaSahil 7 months ago
Great video 🎯, what will you recommend to a fresh CS graduate SOC or full stack web development? Specially in long-run , in terms of money 💰as well, who makes more ? Specially when moving to US from india in future is a goal as well. Thanks
@MyDFIR 7 months ago
I hate to be THAT person but it all depends on you, what do you enjoy most? I am biased towards a SOC because that is where I started and unfortunately I do not have much experience within the full stack web development realm. Nonetheless, these two fields should provide you with valuable skills. The money portion will depend on how you will utilize those skills. Hope that helps!
@MustafaSahil 7 months ago
@@MyDFIR Thank you so much. I enjoy and hate both. I have a little experience as administrator of the local network of an educational institute. I enjoyed it, but this is very basic; I mean I need more intense learning if I set my goal as SOC analyst. On the other hand, I have very little experience in development. I am full of dedication to learn, but actually I am poor at both sides, mentally not that sharp. I loved computers, which made me fall into this field; I am more of a writer/poetic personality. Personally I prefer independence, flexible working hours, work from home, and to fulfill responsibilities I have to look for money as well. So I am stuck in deciding....
@rigo9691 10 months ago
Great video! How do you go about finding SOC jobs in a MSSP?
@MyDFIR 10 months ago
I simply use a website called Indeed or use LinkedIn and search for SOC jobs. Those offering a role, I would search up and learn more about the company and look for services/words around “managed”
@puucca 9 months ago
nice video dude
@MyDFIR 9 months ago
Thanks!
@user-xc5vj1hb6w 8 months ago
Hello SIR, I hope you're well, very good video... Can you give me some examples of processes and documentation that need to be included in an MSSP SOC base to ensure it works properly? Thank you in advance for your feedback.
@MyDFIR 8 months ago
Not sure what you mean when it comes to "ensure it works properly"; however, some of the documentation that I noticed was lacking or non-existent when I worked in a SOC was the following.
1) Updated client information. - This includes how to escalate, what are their SLAs, what do we manage or what services are they enrolled in and most importantly, who are the contacts that we should call when an incident occurs?
2) SOPs on how to access certain tools or request access to these tools.
3) Use case knowledge base. - If applicable, it is important to have something similar as this should explain to the analyst what this use case means and what are some pointers to investigate it. It should also include the trigger actions to show WHY it triggered.
Hope that helps.
@arashautomationlab9088 8 months ago
Great video. Just one question for you: I recently got certified in the cybersecurity field after finishing the ISC2 CC certification, and I now study Splunk. Do you think that after finishing Splunk I am ready to apply for a job as a Junior SOC analyst?
@MyDFIR 8 months ago
Are you comfortable explaining technical terms? What about experience with hands on labs? As long as you are confident in your capabilities and have a good understanding of cybersecurity fundamentals, you can give it a try!
@SuperMdogo 10 months ago
How did you manage to get your GIAC certifications? Did you pay for them or did the employer pay?
@MyDFIR 10 months ago
Great question - it was a mix of both. Employers & myself. Although the price is insane, I always tell myself that the best investment you will ever make, is in yourself.
@highlui4222 10 months ago
Well disappointed is Greg area to the scheduling. I’ve been studying for my sec+ and doing TryHackMe SOC analyst 1 room but I also have 2 young kids and a baby boy that should be here in January. Not saying it’s impossible but if I can’t get that 8-4 shift or even doing overnight shift when little man is older and not likely to wake up in the middle of the night then it would be doable. Might have to forget SOC and go for an engineer role???
@MyDFIR 10 months ago
I’ll be honest with you, it will be difficult. BUT it is temporary that I can promise you. In the beginning you *may* get 9-5 for the initial shadowing period (~3 months) but you’ll eventually transition into shifts (at least from my experience) but after a year or 2 you can transition into permanent 9-5 or 8-4 which you mentioned. But in the beginning, that rarely happens unfortunately. As for forgetting the SOC and go for an engineer role, although possible, unless you are skilled in coding/architecture it may be more difficult getting into compared to a SOC. Hope that helps!
@pasqualegargiulo9648 7 days ago
I could be ready for such a thing; my worry is how long could you be stuck in a tier 1 analyst job? I am currently trying to get out of tier 1 service desk and it seems impossible. I passed a few certs, studying here and there, but still nothing comes up..
@MyDFIR 6 days ago
The market isn’t that great right now, have you talked about your next steps/interests with your manager?
@pasqualegargiulo9648 5 days ago
@@MyDFIR Feels strange, with all of those attacks happening every day, that big companies do not extend their security teams. I spoke to my manager about swapping position, due to having openings in the IAM team but also as an AD specialist, but they do not care much. They like me where I am.
@Strategic. 10 months ago
Is there a chance to land a pen tester job as your first job in cyber security?
@MyDFIR 10 months ago
Yea for sure! Will it be difficult? Maybe, but you likely won’t be diving straight into pentesting depending on how/what you define pentest as. You would likely start out as a vulnerability analyst who will run scans and provide reports.
@tonya.1786 3 months ago
What role would be similar to SOC but without the high level stress and unrealistic expectations?
@MyDFIR 3 months ago
Great question, all jobs will have some level of stress but I thought of a system administrator as they would still have some of the SOC duties which are detect, monitor & respond to threats but they are not tied down to that. However with system admins, they have a different kind of stress haha
@WhatWouldLeeDo. 9 months ago
Is there a monthly subscription for his website?
@MyDFIR 9 months ago
I'm assuming you mean my mentorship? If so, nope - just trying to help where I can!
@machelawili5473 10 months ago
Hey mind telling me the Mssps that hire globally
@MyDFIR 10 months ago
Off the top, I recall the bigger consulting firms such as Deloitte, PwC, Accenture to name a few, provide an MSSP service that hires globally.
@Shitoken1 6 months ago
What made you quit the SOC position and what are you doing now for work?
@MyDFIR 6 months ago
Great question, many reasons but mainly I wanted to specialize and to DFIR. I am now a DFIR consultant but still do SOC work on the side.
@Shitoken1 6 months ago
@@MyDFIR is there a road map to get into DFIR since it's so niche? Even finding that kind of work on LinkedIn or indeed is still far and few between.
@shinigamirenegade 9 months ago
How did you get your foot in the door?
@MyDFIR 9 months ago
Great question, foot in the door for Security was via a colleague of mine, he referred me to a SOC position when I said I was interested, which is why I stress the importance of networking with others! Prior to that, I started my career in IT helpdesk and got in by applying to helpdesk roles simply accepting anything in terms of compensation. My mindset was experience > money.
@shinigamirenegade 9 months ago
@@MyDFIR Thanks bro. I might have to take the hit financially.
@iTzMobieTV 4 months ago
why not mention the starting salary/pay you had for the first job?
@MyDFIR 4 months ago
I do in later videos but the first job I made 45k
@crikey204 4 months ago
The MSSP I work for uses a follow-the-sun model so no one has to work night shifts, which is excellent. They also do well hiring for culture so that weeds out the dickheads. I've yet to meet someone I don't like in the global SOC team.
@MyDFIR 4 months ago
That is awesome! I wish I worked in a follow-the-sun model. Sounds like a great work environment. Super happy for you ♥
@crikey204 4 months ago
@@MyDFIR I have you to thank! It was because of those lab projects you did that I was able to replicate and understand SOC in a real way and showed it in my interview!
@kevinbirmingham8629 7 months ago
I so want to do this for a living.
@MyDFIR 7 months ago
You can do it!